We describe a uniform logical framework, based on a bunched logic that combines classical additives and very weak multiplicatives, for reasoning compositionally about access control policy models. We show how our approach takes account of the underlying system architecture, and so provides a way to identify and reason about how vulnerabilities may arise (and be removed) as a result of the architecture of the system. We consider, using frame rules, how local properties of access control policies are maintained as the system architecture evolves.
- substructural logic
- layered graphs
- access control
Collinson, M., McDonald, K., & Pym, D. (2017). Layered graph logic as an assertion language for access control policy models. Journal of Logic and Computation, 27(1), 41-80. https://doi.org/10.1093/logcom/exv020